This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 1.3 of Introduction to Malware & Reverse Engineering
How malware rewrites itself to break signature detection — oligomorphic stub rotation, polymorphic mutation engines, and metamorphic full binary rewriting — with detection strategies for each.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quick Bite
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
MITRE ATT&CK — Obfuscated Files or Information (T1027)
MITRE ATT&CK entry for obfuscation techniques including polymorphic and metamorphic code, with real-world procedure examples.
VirusTotal — Understanding Detection Rates
Submit a sample and observe how detection rates vary across 70+ engines. Compare a packed vs unpacked version of the same binary to see evasion in action.
REMA eBook 2026 — Chapter 1, Section 1.1.2
Read the full evasion tree diagram and comparison table in the REMA eBook. Available for free download and online reading.
Quadrant 4 · Self-Assessment
Introduction to Malware & Reverse Engineering
Covers malware taxonomy, reverse engineering fundamentals, x86 architecture, debugging concepts, automated analysis tools, and the legality of reverse engineering.
REMA Complete Assessment
A comprehensive 120-question assessment covering the entire Reverse Engineering and Malware Analysis curriculum: malware taxonomy and reverse engineering fundamentals, static and dynamic analysis, reversing malicious code, malicious web and document files, in-depth analysis of packed and fileless malware, and self-defending malware techniques.